<?php

/**
 * Check is nickname available for registration
 * @param string $nickname
 */
function amber_is_nickname_available($nickname) {
    $sql = "
    	SELECT 1
    	  FROM `amber_users`
    	 WHERE `nickname` = :nickname
    ";

    $res = amber_run_query($sql, array (':nickname' => substr($nickname, 0, 64)));

    return array('resp' => sizeof($res) ? FALSE : TRUE);
}

/**
 * Register user
 * @param string $nickname
 * @param string $superkey
 */
function amber_register_user($nickname, $superkey, $privatekey, $chalange, $response) {
    if (!amber_captcha_check($privatekey, $challange, $response)) {
        amber_send_error('error-useradd-badcaptcha');
    }

    $is_nick_available = amber_is_nickname_available($nickname);

    if (!$is_nick_available['resp']) {
        amber_send_error('error-useradd-nickname-taken');
    }

    $sql = "
    	INSERT INTO `amber_users` (`id`, `nickname`, `superkey`, `token`, `expire`)
    		 VALUES               (:id,  :nickname,  :superkey,   '',      0)
    ";

    $args = array (
        ':id' => gen_uid(AMBER_ID_LEN),
        ':nickname' => substr($nickname, 0, 64),
        ':superkey' => amber_hash_password($superkey)
    );

    $res = amber_run_query($sql, $args, FALSE);

    if (23000 == $res) {
        $args[':id'] = gen_uid(AMBER_ID_LEN);;

        $res = amber_run_query($sql, $args, FALSE);

        if (23000 == $res) {
            $args[':id'] = gen_uid(AMBER_ID_LEN);
            $res = amber_run_query($sql, $args, FALSE);

            if (23000 == $res) {
                amber_send_error('error-useradd-integrity');
            }
        }
    }

    return array('resp'  => $id);
}

function amber_set_token($nickname, $superkey, $expire) {
    $sql = "
    	SELECT `id`
    	  FROM `amber_users`
    	 WHERE `nickname` = :nickname
    	   AND `superkey` = :superkey
    ";

    $args = array (
        ':nickname' => $nickname,
        ':superkey' => amber_hash_password($superkey)
    );

    $res = amber_run_query($sql, $args, FALSE);

    if (!sizeof($res)) {
        amber_send_error('error-nickname-superkey-mismatch');
    }

    $token = md5($nickname . $_SERVER['REMOTE_ADDR']);

    // updating
    $sql = "
    	 UPDATE `amber_users`
    	    SET	`token` = :token,
    	        `expire` = :expire
    	 WHERE  `id` = :id
    ";

    $args = array (
        ':id' => $res[0]['id'],
        ':token' => $token,
        ':expire' => $expire
    );

    $res = amber_run_query($sql, $args, FALSE);

    setcookie("amber_token", $token, (int) $expire);
    return array('resp' => $token);
}

/**
 * Get user id by token (for internal use)
 * @param string $token
 */
function amber_get_user_id_by_token($token) {
    $sql = "
    	SELECT `id`
    	  FROM `amber_users`
    	 WHERE `token` = :token
    	   AND `expire` > :now
    ";

    $args = array (
        ':token' => $token,
        ':expire' => microtime(TRUE)
    );

    $res = amber_run_query($sql, $args, FALSE);

    if (!sizeof($res)) {
        amber_send_error('error-token-mismatch');
    }

    return $res[0]['id'];
}














?>